Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

"fw tab -t subnet_for_range_and_peer" for automatic Calculated IPSec IDs

If i set the subnetmask for a given range and peer in user.def I can check the Information with this command "fw tab -t subnet_for_range_and_peer" (sk108600 Scenario 1).

Does someone know a way to get that Information for the automatically calculated IPsec IDs

I can get the Ranges with

[Expert@????:0]# fw tab -t vpn_enc_domain -f
 Using cptfmt
Formatting table's data - this might take a while...

localhost:
Date: Mar 27, 2018
18:19:04        10.???  >     :(+)====================================(+);Table_Name:vpn_enc_domain;:(+);Attributes:static, id 513;product:VPN-1 & FireWall-1;product_family:Network
18:19:04        10.???  >    :(+);First:10.50.0.0;,Last:10.50.255.255;product:VPN-1 & FireWall-1;product_family:Network

What is missing are the used Netmasks.

0 Kudos
3 Replies
Highlighted
Admin
Admin

I suspect in your attempt to obfuscate the information, you've probably masked out the exact information needed.

Feel free to send me the unobscured data in a PM and I can take a look.

Also, please do the output of fw tab -t vpn_enc_domain as described in the SK.

0 Kudos
Highlighted
Contributor

As the output for this command is HEX (and who loves that!?) you might try this one liner:

 

for line in `fw tab -t subnet_for_range_and_peer | grep "<" | sed $'s/[^[:alnum:]\t]//g'`; do echo; counter=0; for item in `echo $line | sed 's/.\{2\}/& /g'`; do counter=$((counter+1)); echo -n $((16#$item)); if [ "$counter" -lt "4" ]; then echo -n "."; elif [ "$counter" == "4" ]; then counter=0; echo -n " "; fi; done; done; echo

 

Cheers, Simon

0 Kudos
Champion
Champion

0 Kudos